Nmap Development mailing list archives
Re: Adding new NSE discovered targets to Nmap
From: David Fifield <david () bamsoftware com>
Date: Mon, 6 Sep 2010 15:37:22 -0600
On Fri, Aug 13, 2010 at 05:22:15PM +0100, Djalal Harouni wrote:
> On 2010-08-12 15:35:53 -0500, Ron wrote:
> > Attached a script that does a DHCP request then scans the DHCP address range. I ran into a couple issues, though.
> >
> > First, if I do socket:connect("255.255.255.255", 67, "udp") - it doesn't work. It appears to, but packets don't get sent. I've run into issues with broadcasting like that before, and I don't understand exactly what's going on, but does anybody have any ideas? For now, in this script, I hardcoded 192.168.1.1 as the router's address -- definitely not optimal.
> >
> > Second, I have to use pcap_receive() to get the response from the DHCP server (because DHCP is crazy). pcap_receive() requires an interface and a MAC address. Since this is a prescan rule, there's no interface so I hardcode "eth0". Is that going to break on non-Linux or is that standard for Nmap? Is there some way I can enumerate ethernet interfaces so I can send out the DHCP request on all of them? If not, would it be hard to add?
>
> We should add support for iflist and getinterfaces() functions to NSE to be able to enumerate and use net interfaces and perhaps routes? First I've planned to pass them in the net table to prerule/postrule scripts, but the preferred solution was to not use a net table and only add some NSE API.
Yes, such an interface is a good idea. Do you want to make a design and API for it? Or you, Ron? What do you need in order to make dhcp-discover work? Hardcoding eth0 is definitely going to break in many situations.

I think what we need is a table that represents the same information as struct interface_info (libnetutil/netutil.h). Like nmap.getinterfaces() would return a table of such tables.

Henri showed that we can get these kinds of changes in fairly quickly. I'd love to see a patch and then get in these script changes (once we solve the broadcasting issue too).

David Fifield
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/
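
Added example, not code from this thread or from Nmap: the Lua below selects interfaces usable for a broadcast DHCP probe from a table of interface tables, instead of hardcoding "eth0". The field names follow what nmap.list_interfaces() returns in current NSE, which is an assumption relative to the nmap.getinterfaces() proposed in this 2010 thread; the interface list is constructed sample data so the block runs in plain Lua.

```lua
-- Added example. Field names (device, link, up, address, broadcast, mac)
-- are assumed to match the tables returned by nmap.list_interfaces().

-- Return the interfaces suitable for a broadcast DHCP request: the link is
-- ethernet, the state is up, and an IPv4 address, a broadcast address and
-- a MAC address are all known (pcap capture needs the device and the MAC).
local function dhcp_candidates(iflist)
  local out = {}
  for _, iface in ipairs(iflist) do
    local ipv4 = iface.address and iface.address:match("^%d+%.%d+%.%d+%.%d+$")
    if iface.link == "ethernet" and iface.up == "up"
        and ipv4 and iface.broadcast and iface.mac then
      out[#out + 1] = iface
    end
  end
  return out
end

-- Format a raw-byte MAC string as colon-separated hex for display.
local function mac_to_string(mac)
  local parts = {}
  for i = 1, #mac do
    parts[i] = string.format("%02x", mac:byte(i))
  end
  return table.concat(parts, ":")
end

-- Constructed sample data: a loopback, a downed NIC, an IPv6-only entry
-- and one usable interface. Addresses are documentation ranges.
local sample = {
  { device = "lo",    link = "loopback", up = "up",   address = "127.0.0.1" },
  { device = "eth0",  link = "ethernet", up = "down", address = "192.0.2.10",
    broadcast = "192.0.2.255", mac = "\0\17\34\51\68\85" },
  { device = "eth1",  link = "ethernet", up = "up",   address = "2001:db8::1",
    mac = "\2\0\0\0\0\2" },
  { device = "wlan0", link = "ethernet", up = "up",   address = "198.51.100.7",
    broadcast = "198.51.100.255", mac = "\2\0\0\0\0\1" },
}

-- Inside an NSE prerule script, pass nmap.list_interfaces() instead of sample.
for _, iface in ipairs(dhcp_candidates(sample)) do
  print(iface.device, iface.address, iface.broadcast, mac_to_string(iface.mac))
end
```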